We slipped up in wanting to show off how a student found an exploit in class (posted here). The truth was it was a critical exploit to Wicd, but a very minor vulnerability, if that, for Backtrack. What has been missed in all of this is that it is a real priv escalation 0day for distros that are used in multi user deployments, such as Arch, Debian, etc. Being in the security industry, the vuln was discovered on the BT5 distribution and unfortunately that was where we focused instead of placing the focus on wicd. We missed when we should have informed the wicd devs rather than (or in addition to) BT, that was honestly overlooked on our part. The title of the advisory when we released it was (and still is) “wicd Privilege Escalation 0Day Tested against Backtrack 5, 5 R2, Arch distributions”, when we went to shorten this down to something digestible for email subject lines and tweets, we make a critical error in shortening it to “priv escalation 0day in Bactrack 5 R2”. This shortening is misleading and incorrect. We should have shortened the title to be “priv escalation 0day in wicd”. Finally, we’d like to add that an incredible amount of good work has gone into Backtrack, and with every release it becomes more and more valuable to the security community. It was honestly our expectation that when we initially emailed them we would get a “wow, thanks” and we regret this comes off as malicious to them. ISI apologized to the entire backtrack team publicly on 4/12/12, and we would like to take this opportunity to apologize to mati and the backtrack again, and ask for forgiveness.
